CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

32 matches found

Cvelist•added 2026/04/11 12:16 a.m.•27 views

CVE-2026-4157 ChargePoint Home Flex revssh Service Command Injection Remote Code Execution Vulnerability

ChargePoint Home Flex revssh Service Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex devices. Authentication is not required to exploit this vulnerability. The...

7.5CVSS0.00223EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-16074

Malware in sbrugna...

5.5CVSS5.7AI score0.00099EPSS

Exploits0References11

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-1999-1188

Malware in sbrugna...

7.5CVSS6.4AI score0.0123EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2010-2028

Malware in sbrugna...

3.5CVSS6AI score0.0478EPSS

Exploits1References14

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2008-3302

Malware in sbrugna...

5CVSS6.4AI score0.07922EPSS

Exploits1References8

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2018-3494

Malware in sbrugna...

7.8CVSS7.9AI score0.00099EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2021-7076

Malicious code in bioql PyPI...

10CVSS8AI score0.0081EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-44193

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00688EPSS

Exploits0References5

GithubExploit•added 2025/09/20 6:37 a.m.•147 views

Exploit for CVE-2025-2894

Unitree Robot BLE Service Command Injection Analysis !Meme...

6.6CVSS7.8AI score0.00212EPSS

Exploits2

Vulnrichment•added 2025/06/24 1:0 a.m.•3 views

CVE-2025-34035 EnGenius EnShare IoT Gigabit Cloud Service Command Injection

An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected...

10CVSS7.5AI score0.10361EPSS

Exploits2References5

RedhatCVE•added 2025/05/21 6:11 p.m.•6 views

CVE-1999-0627

The rexd service is running, which uses weak authentication that can allow an attacker to execute commands...

7.4AI score0.04314EPSS

Exploits1References1

Tenable Nessus•added 2025/05/16 12:0 a.m.•6 views

AlmaLinux 8 : webkit2gtk3 (ALSA-2025:2034)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:2034 advisory. webkitgtk: Processing maliciously crafted web content may lead to memory corruption CVE-2024-54543 webkitgtk: A maliciously crafted webpage may be able to...

8.8CVSS7.4AI score0.01179EPSS

Exploits0References7

Redos•added 2025/05/13 12:0 a.m.•9 views

ROS-20250513-01

Vulnerability of directory publishing application in domain sharedirectory is related to the lack of verification of the of a user accessing the D-Bus service. Exploitation of the vulnerability could allow an attacker to to execute arbitrary operating system commands. Information about the...

7.6AI score

Exploits0

Tenable Nessus•added 2025/03/04 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2021-29470

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in...

6.5CVSS6.2AI score0.00178EPSS

Exploits0References2

ATTACKERKB•added 2022/03/21 11:16 a.m.•3 views

CVE-2022-22688

Improper neutralization of special elements used in a command 'Command Injection' vulnerability in File service functionality in Synology DiskStation Manager DSM before 6.2.4-25556-2 allows remote authenticated users to execute arbitrary commands via unspecified vectors...

8.8CVSS7.6AI score0.01024EPSS

Exploits0References2

Prion•added 2021/07/07 2:15 p.m.•19 views

Server side request forgery (ssrf)

Server-side request forgery in the WP-DownloadManager plugin 1.68.4 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web application via the fileremote parameter to download-add.php. It can help identify open ports, local network hosts and execute...

5CVSS5.5AI score0.0019EPSS

Exploits0References1Affected Software1

Tenable Nessus•added 2020/03/30 12:0 a.m.•116 views

openSUSE Security Update : cni / cni-plugins / conmon / etc (openSUSE-2020-398)

This update for cni, cni-plugins, conmon, fuse-overlayfs, podman fixes the following issues : podman was updated to 1.8.0 : - CVE-2019-18466: Fixed a bug where podman cp would improperly copy files on the host when copying a symlink in the container that included a glob operator 3829 bsc1155217 -...

5.8CVSS6.7AI score0.00839EPSS

Exploits1References5

Prion•added 2018/12/12 4:29 p.m.•12 views

Command injection

A vulnerability has been identified in SINUMERIK 808D V4.7 All versions, SINUMERIK 808D V4.8 All versions, SINUMERIK 828D V4.7 All versions V4.7 SP6 HF1, SINUMERIK 840D sl V4.7 All versions V4.7 SP6 HF5, SINUMERIK 840D sl V4.8 All versions V4.8 SP3. A local attacker with user privileges could use...

4.6CVSS7.1AI score0.00053EPSS

Exploits0References2Affected Software3